renderers/ofoverlay/src/main/java/org/opendaylight/groupbasedpolicy/renderer/ofoverlay/mapper/egressnat/EgressNatMapperFlows.java

   1 /*
   2  * Copyright (c) 2014 Cisco Systems, Inc. and others. All rights reserved.
   3  *
   4  * This program and the accompanying materials are made available under the
   5  * terms of the Eclipse Public License v1.0 which accompanies this distribution,
   6  * and is available at http://www.eclipse.org/legal/epl-v10.html
   7  */
   8
   9 package org.opendaylight.groupbasedpolicy.renderer.ofoverlay.mapper.egressnat;
  10
  11 import org.opendaylight.groupbasedpolicy.renderer.ofoverlay.OfWriter;
  12 import org.opendaylight.groupbasedpolicy.renderer.ofoverlay.flow.FlowIdUtils;
  13 import org.opendaylight.groupbasedpolicy.renderer.ofoverlay.flow.FlowUtils;
  14 import org.opendaylight.groupbasedpolicy.renderer.ofoverlay.flow.OrdinalFactory;
  15 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev100924.IpAddress;
  16 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev100924.Ipv4Prefix;
  17 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev100924.Ipv6Prefix;
  18 import org.opendaylight.yang.gen.v1.urn.opendaylight.action.types.rev131112.action.Action;
  19 import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.inventory.rev130819.FlowId;
  20 import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.inventory.rev130819.tables.table.Flow;
  21 import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.inventory.rev130819.tables.table.FlowBuilder;
  22 import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.types.rev131026.flow.Match;
  23 import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.types.rev131026.flow.MatchBuilder;
  24 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.L3ContextId;
  25 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.TenantId;
  26 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.endpoint.rev140421.endpoints.EndpointL3;
  27 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.l3endpoint.rev151217.NatAddress;
  28 import org.opendaylight.yang.gen.v1.urn.opendaylight.inventory.rev130819.NodeId;
  29 import org.opendaylight.yang.gen.v1.urn.opendaylight.model.match.types.rev131026.match.Layer3Match;
  30 import org.opendaylight.yang.gen.v1.urn.opendaylight.model.match.types.rev131026.match.layer._3.match.Ipv4MatchBuilder;
  31 import org.opendaylight.yang.gen.v1.urn.opendaylight.model.match.types.rev131026.match.layer._3.match.Ipv6MatchBuilder;
  32 import org.opendaylight.yang.gen.v1.urn.opendaylight.openflowjava.nx.match.rev140421.NxmNxReg6;
  33 import org.slf4j.LoggerFactory;
  34
  35 import static org.opendaylight.groupbasedpolicy.renderer.ofoverlay.flow.FlowUtils.*;
  36
  37 public class EgressNatMapperFlows {
  38
  39     private static final org.slf4j.Logger LOG = LoggerFactory.getLogger(EgressNatMapperFlows.class);
  40     private final NodeId nodeId;
  41     private final short tableId;
  42
  43     public EgressNatMapperFlows(NodeId nodeId, short tableId) {
  44         this.nodeId = nodeId;
  45         this.tableId = tableId;
  46     }
  47
  48     /**
  49      * Default flow which drops incoming traffic
  50      *
  51      * @param priority  of flow in the table
  52      * @param etherType can be set as specific protocol to match
  53      * @param ofWriter  flow writer
  54      */
  55     void dropFlow(int priority, Long etherType, OfWriter ofWriter) {
  56         FlowId flowId;
  57         FlowBuilder flowBuilder = FlowUtils.base(tableId)
  58                 .setPriority(priority)
  59                 .setInstructions(FlowUtils.dropInstructions());
  60         if (etherType != null) {
  61             MatchBuilder matchBuilder = new MatchBuilder()
  62                     .setEthernetMatch(FlowUtils.ethernetMatch(null, null, etherType));
  63             Match match = matchBuilder.build();
  64             flowId = FlowIdUtils.newFlowId(tableId, "drop", match);
  65             flowBuilder.setMatch(match);
  66         } else {
  67             flowId = FlowIdUtils.newFlowId("dropAll");
  68         }
  69         flowBuilder.setId(flowId);
  70         ofWriter.writeFlow(nodeId, tableId, flowBuilder.build());
  71     }
  72
  73     /**
  74      * For every L3 endpoint with NAT augmentation. Match on inside IP address
  75      *
  76      * @param goToTable   external mapper table Id
  77      * @param l3Endpoint  corresponding {@link EndpointL3}
  78      * @param priority    of the flow
  79      * @param ofWriter    flow writer
  80      */
  81     void natFlows(short goToTable, EndpointL3 l3Endpoint, int priority, OfWriter ofWriter) {
  82         NatAddress natAugL3Endpoint = l3Endpoint.getAugmentation(NatAddress.class);
  83         if (natAugL3Endpoint == null) {
  84             return;
  85         }
  86         // Match on L3 Nat Augmentation in Destination, set to IPAddress/Mac, send to SourceMapper
  87         Flow flow = buildNatFlow(goToTable, priority, l3Endpoint.getIpAddress(), natAugL3Endpoint.getNatAddress(),
  88                 l3Endpoint.getTenant(), l3Endpoint.getL3Context());
  89         ofWriter.writeFlow(nodeId, tableId, flow);
  90     }
  91
  92     private Flow buildNatFlow(short goToTable, int priority, IpAddress insideAddress, IpAddress outsideAddress,
  93                               TenantId tenantId, L3ContextId l3Ctx) {
  94         MatchBuilder matchBuilder = new MatchBuilder();
  95         Action setSrcIp;
  96         String insideIpMatch;
  97         Layer3Match layer3Match;
  98
  99         FlowId flowId = new FlowId(new StringBuilder().append("EgressNat")
 100                 .append("|")
 101                 .append(insideAddress)
 102                 .append("|")
 103                 .append(outsideAddress)
 104                 .toString());
 105         if (outsideAddress.getIpv4Address() != null) {
 106             setSrcIp = setIpv4SrcAction(outsideAddress.getIpv4Address());
 107             insideIpMatch = insideAddress.getIpv4Address().getValue() + "/32";
 108             layer3Match = new Ipv4MatchBuilder().setIpv4Source(new Ipv4Prefix(insideIpMatch)).build();
 109             matchBuilder.setEthernetMatch(ethernetMatch(null, null, FlowUtils.IPv4)).setLayer3Match(layer3Match);
 110         } else if (outsideAddress.getIpv6Address() != null) {
 111             setSrcIp = setIpv6SrcAction(outsideAddress.getIpv6Address());
 112             insideIpMatch = insideAddress.getIpv6Address().getValue() + "/128";
 113             layer3Match = new Ipv6MatchBuilder().setIpv6Source(new Ipv6Prefix(insideIpMatch)).build();
 114             matchBuilder.setEthernetMatch(ethernetMatch(null, null, FlowUtils.IPv6)).setLayer3Match(layer3Match);
 115         } else {
 116             return null;
 117         }
 118
 119         long contextOrdinal;
 120         try {
 121             contextOrdinal = OrdinalFactory.getContextOrdinal(tenantId, l3Ctx);
 122         } catch (Exception e) {
 123             LOG.error("Failed to get L3 context ordinal, L3 context ID: {}", l3Ctx);
 124             return null;
 125         }
 126
 127         addNxRegMatch(matchBuilder, RegMatch.of(NxmNxReg6.class, contextOrdinal));
 128
 129         FlowBuilder flowBuilder = base(tableId).setPriority(priority)
 130                 .setId(flowId)
 131                 .setMatch(matchBuilder.build())
 132                 .setInstructions(
 133                         instructions(applyActionIns(setSrcIp), gotoTableIns(goToTable)));
 134         return flowBuilder.build();
 135     }
 136 }